Re: FINAL: Multi-User PostgreSQL usage SECURITY

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Mike Rogers" <temp6453(at)hotmail(dot)com>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: FINAL: Multi-User PostgreSQL usage SECURITY
Date: 2001-09-07 23:05:46
Message-ID: 11012.999903946@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

"Mike Rogers" <temp6453(at)hotmail(dot)com> writes:
> I have tried chaning pg_hba.conf to add the database field to the user,
> but that doesn't seem to help at all.

Make the database field "sameuser", and then the line only allows
connection to one's own database. You will need an escape hatch to
allow you as superuser to get into everyone's db (else you can't run
pg_dumpall). The escape hatch should be a second line in pg_hba.conf
with a tighter authorization method (eg, a secondary password file
with an entry only for you).

regards, tom lane

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Stephan Szabo 2001-09-07 23:09:28 Re: FINAL: Multi-User PostgreSQL usage SECURITY
Previous Message Mike Rogers 2001-09-07 22:08:08 FINAL: Multi-User PostgreSQL usage SECURITY